Symantec researchers have identified a malicious campaign perpetrated by a hacker group associated with the Chinese government that leverages VLC Media Player to launch a custom malware loader.
The campaign by the threat actor Cicada has targeted government, legal, and religious entities and non-governmental organizations on at least three continents.
The researchers found evidence that the hackers exploited a known vulnerability that allowed them to breach networks through a Microsoft Exchange Server.
Among other things, the hackers launched a WinVNC server to control the affected systems remotely.
The researchers found that the hackers' dwell time on some of the compromised networks was as long as nine months.
View Full Article
Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA
No entries found